As I sit in my office, I find myself glancing out into the once crowded parking lot, now to discover it is only composed of ten vehicles or less. I begin to reflect on the harsh reality that many of my neighboring businesses have already be forced to shut down. Currently, various Governments across the world are making determinations over what types of businesses should remain open and which ones should close. Millions and millions of people will lose their jobs and money will become a desperate necessity. Many networks will be left unguarded; or merely guarded by automated controls, only to alert administrators in the event of an incident. Unfortunately, these automated controls don’t always work.
With many being asked to work from home, the doors to intellectual property and regulated data become accessible on uncontrolled networks. Kids who are asked to stay at home and do remote learning will be using corporate devices to access assignments and webpages.
In Canada, the country has shut down at least one IT Distributor which means licenses for many security products won’t be available to be renewed, including essentials such as firewalls, EndPoint Protection, and MFA.
As I sit here reading the news and reading the tea leaves, I can see what is about to happen. We are about to witness the largest swath of cyber crime we have ever seen. And with the governments holding back commerce, many will be unable to pay for the remediation and preventative services. Needless to say, this inevitable truth will force many into bankruptcy or shutting down. Sadly, no one in the federal government is talking about it and governors are currently implementing draconian measures that will further fuel the fire.
This has to stop and the strategy needs to be re-launched.
There is a way to handle a crisis and a way not to handle a crisis. Shutting down commerce always leads to crime. People out of desperation will resort to all sorts of measures as comically portrayed in the Jim Carry hit, Fun with Dick and Jane. Until the governments change course, you can do something about this crisis to help mitigate your risk.
As a business leader or networking professional you can do a lot to protect and prevent this from defeating your company. Consider the following requirements listed below. Now is not the time to cut corners; you must take actions to ensure that you are ready to combat this crisis.
Maintain Licensing - Any licensing for a cyber security or IT project needs to be maintained. This is not the time to cut back on these expenses. You will need to keep your defenses up and alert. If you are using outside companies to maintain the security, continue that as normal. IT and SecOps are necessary components. Some small businesses are making a mistake and dropping these services. That will create opportunity for other companies to steal market share. Do not let that happen to you.
Build Secure Access - If you don’t already have a secure platform for remote work, turn one on today. Build a secure VPN, Access Portal, or Gateway. Keep your employees working securely and you will minimize any business impact.
Turn on MFA - If you are not using MFA, now is the time. Contact us for a free trial license and start down this road. The best time to turn on MFA was before a crisis, now is the second-best time. So, let’s do this.
Review Logs - No one likes to sift through logs except super analytical people, but you need to now. Logs should be reviewed on a frequent basis and look for strange activity. Look for any possible hack into your network. If you are using a SIEM even better, but if not, human intuition will work fine for now. Just watch firewall and core networking activities.
Review EndPoint Protection - The necessity of EP has never been greater than during a remote working situation. You will be subject to more unauthorized attempts than ever. Ransomware will find new victims. Shore up these defenses now.
Relax - The first thing everyone needs to do is relax and not panic. Having concern for a situation does not mean you should make decisions in a panic. While your business may experience a pull back, IT and Cyber Security will be what gets you through this. Do not stop making investments in projects and licensing. Keep things moving forward.
We can get through anything. I want to see all of us emerge from this mess stronger and more stable. If you take the proper steps now, you will be able to weather the storm and survive long term. Don’t make short term decisions and expect long term results.